About 2FA at NC State

Learn more about how we use 2FA and how it keeps us safe.

Don’t be confused by its many names — multi-factor authentication, two-factor, or 2-step verification. Just think of it as another layer of protection for your most vital accounts. When you activate two-factor authentication, you will be required to log in with both your password and an additional security measure, such as one of these:

code delivered via text, voice call or mobile app

USB security key

printed backup code

push (or pop-up) notification on your smartphone.

Two-Factor at NC State

At NC State University, we have two services that provide multifactor authentication to the most vital campus resources.

Duo protects other NC State services that you log in to, such as MyPack Portal and WolfWare.
That name may be unfamiliar, but it’s how you access services such as MyPack Portal, WolfWare and library resources.

This includes faculty, staff, student employees, no-pay employees, and retirees.

New employees will have 30 days to enroll in both two-factor services. To find out more about this requirement, new employees can reference the New Hire Checklist or HR email communications, or contact their manager.

Why Use Two-Factor?

The university receives about one million email messages daily.Fifty percent are either spam or phishing scams.

On a monthly basis:

more than 200 people in our university community fall for a phishing email, and

150 accounts are disabled due to compromised credentials.

It is estimated that:

45 percent of users will fall victim to a well-crafted phishing email, and

When your Unity credentials are compromised, criminals have access to:

everything stored in your Google account, including Google Drive, and

sensitive data stored in the MyPack Portal, including W-2 Forms and payroll, billing and account information.

Up to 98 percent of email breaches can be prevented by two-factor authentication.

NC State must employ 2FA to be compliant with

various state and local policies and

standards such as NIST 800-171, PCI DSS and ISO 27002.

Research is becoming our highest regulated data, requiring controls such as encryption and two-factor authentication for grant acceptance.

Two-Factor Benefits

The main benefit of activating Two-Factor Authentication is a significant increase in protection of your account from hackers.
Here’s how that happens:

Two-Factor adds an extra barrier between your personal information and the bad guys.
To access your account, they would need to know your username and password as well as a security code.

Two-Factor can help keep attackers from accessing your email, documents, payroll, personal information, or research data.

Two-Factor requires a unique security code each time your account is accessed on an untrusted device, application or web browser.

If you receive a security code or push notification when you are not trying to log in to your account, you’ll immediately know that someone else is trying to. That means you should change your password!